Paris Hilton and you

It didn't require a California law for data-theft victims to be notified after Paris Hilton's phone book hit the Web a week ago. Oh, they knew. Dozens of celebs, ranging from rapper Eminem to tennis babe Anna Kournikova, suffered through hundreds of calls from fans, pranksters and anyone else who found the contents of Hilton's T-Mobile cell phone on the Internet. There were also snapshots, to-do lists and transcripts of Hilton's text-messaging chats. But what caught headlines were the phone numbers of all those poor, beleaguered B-listers, suddenly out there where any nobody with a dialing finger could call them.

C'mon, stop snickering. I'm getting to a serious point here.

See, Hilton thought all that personal data was on her cell phone, tucked safely away in her ... well, wherever she keeps it. But she was wrong. The data's real home was on T-Mobile's servers. Her Sidekick II phone stored the data there automatically, just as it was designed to.

That arrangement means the data won't be lost if the phone is damaged or the batteries die. But it also means that if anyone were to hack into T-Mobile's servers, they'd have access to whatever Hilton put in her phone: pictures, documents, phone numbers, the works.

And T-Mobile's servers have a history of being hacked. In October 2003, intruders got into T-Mobile's customer databases and acquired passwords and other information that, in turn, let the bad guys access customer accounts. Hilton's account information was reportedly compromised at that time.

So was account information for a hotshot U.S. Secret Service agent, Peter Cavicchia. Cavicchia didn't store the numbers of celebrity friends on his phone -- that is, on T-Mobile's servers. He stored material linked to ongoing Secret Service criminal investigations.

According to the New York Daily News, that allowed one or more hackers to access numerous Secret Service documents, including reports, requests for subpoenas and a confidential treaty with Russia.

Cavicchia has since left the Secret Service, which says the security breach didn't compromise any ongoing investigations. And last week 22-year-old Nicholas Jacobsen pleaded guilty to the 2003 T-Mobile break-in. He'll be sentenced in May.

Now think: If a Secret Service agent stored sensitive information on his phone, how many of your users have likely done the same thing? And even if you've warned them to guard their phones carefully, how many have unknowingly stored sensitive company documents or data on a cell phone company's servers, where the only thing standing between that data and hackers is security you have no control over?

You can't protect that information. You don't even know what information is at risk. And your users don't even know it is at risk.

Not snickering now, are you? We're not talking about glitterati inconvenience and embarrassment any more. This is about your job: protecting your company's data.

What can you do? You could ban the use of state-of-the-art cell phones (which won't work). Or you could carefully audit every user's phone account for security (which would add a huge amount of work).

Or you can once again take on the challenge of educating your users. You can explain the risks of storing company data on their phones. And offer guidance about what data is safest to keep on which phones. And encourage them to consult with IT to keep potential problems to a minimum.

Yes, that's still a big job. It will require educating yourself on cell phone risks, too. But if you can get users to understand what's on the line, maybe you can get them to help you keep that data secure instead of fighting you.

After all, you don't really want to end up like Paris Hilton, do you?

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Frank Hayes

Show Comments


James Cook University - Master of Data Science Online Course

Learn more >


Victorinox Werks Professional Executive 17 Laptop Case

Learn more >

Sansai 6-Outlet Power Board + 4-Port USB Charging Station

Learn more >



Back To Business Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?